If a private key is password protected, whenever you need to access the private key you will need to supply the password.
In tQSLCert, you need to unlock the key when you save the certificate to a PKCS#12 file or when you use an existing certificate to sign a certificate request.